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DETAILED ACTION 

1 . The Applicant's amendment of 05 November 2007 has been noted and made of record. 

2. Claims 1-18 have been presented for examination. 

Response to Arguments 

3. Applicant's arguments, see page 1 0, filed 05 November 2007, with respect to the 
specification have been fully considered and are persuasive. The objection of the specification 
has been withdrawn. 

4. Applicant's arguments with respect to claims 1-18 have been considered but are moot in 
view of the new grounds of rejection set forth below. 

Claim Rejections - 35 USC §103 

5. The text of those sections of Title 35, U.S. Code not included in this action can be found 
in a prior Office action. 

6. Claims 1-5-1 1 and 14-16 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
U.S. Patent No. 5,657,388 to Weiss, hereinafter Weiss, in view of U.S. Patent No. 5,479,512 to 
Weiss, hereinafter Weiss2. 

7. As per claims 1 and 14, Weiss teaches system for secure communication across a 
communication network comprising: 

a personal code generation means having one or more identification codes and one or 
more encryption codes (Figure 1 [blocks 12, 14, 50], column 2, lines 57-64, i.e. token processor 
is utilized to generate a one-time, non-predictable code), each identification code and each 
encryption code being arranged to change with time (column 3, lines 7-11, i.e. time-varying); 
and 
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a code server including each identification code and each encryption code (Figure 1 
[blocks 16, 60], column 5, lines 4-20), the code server being synchronized with the personal code 
generation means such that each identification code of the code server change independently of 
and in synchronization with each identification code of the personal code generation means of 
the personal code generation means (column 5, line 60 to column 6, line 15); 

wherein a user transmits across the communication network (column 5, lines 4-5), each 
identification code of the personal code generation means and data encrypted with each current 
encryption code of the personal code generation means and the code server uses each 
identification code of the code server to authenticate the user and each encryption code of the 
code server to decrypt the transmitted data (column 2, lines 57-65, column 6, lines 16-28, i.e. f 
inferring the encryption key in order to decrypt data to permit user access to the encrypted data; 
see figure 2 of U.S.P.N. 5,237,614 as incorporated by reference by Weiss). The Applicant is 
directed to the discussion of multiple reference 102 rejections at MPEP § 2131.01. 

8. Weiss does not teach one or more encryption codes that arranged to vary with time and 
are synchronized with the server. 

9. Weiss2 teaches an encryption key that is a one-time code that is synchronized similarly to 
that of Weiss (column 6, lines 5-26). 

10. It would have been obvious to one of ordinary skill in the art at the time the invention 
was made to use one or more encryption codes that arranged to vary with time and are 
synchronized with the server, since Weiss2 states at column 6, lines 15-16 that the.use of one- 
time codes as encryption keys enhances security. 
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11. Regarding claims 2 and 15, Weiss incorporates U.S.P.N. 5,237,614 at column 2 lines 64- 
65. U.S.P.N. 5,237,614 teaches wherein the code server communicates to the user following 
authentication of the user by transmitting data across the communication network to the user 
encrypted with each encryption code of the code server (Figure 2 [block 52], column 9, lines 15- 
35) and the user decrypts the data transmitted by the code server with each encryption code of 
the personal code generation means (Figure 2 [block 56], column 9, lines 36-51). 

12. Regarding claim 3, 4, and 16, Weiss teaches wherein the code server stores information 
including a username and password assigned to the owner of the personal code generation means 
and the password is transmitted across the communication network and the code server uses the 
password to authenticate the user as the owner (column 1, lines 42-57). 

13. Weiss and Weiss2 do not teach that the username and password is transmitted with each 
identification code of the personal code generation means and the data encrypted with each 
encryption code and the code server uses the password to authenticate the user as the owner of 
the personal code generation means of the personal code generation means. 

14. It would have been obvious to one of ordinary skill in the art at the time the invention 
was made to transmit the username and password with the identification code and encryption 
code and using the password to authenticate the user, since Weiss teaches at column 2, lines 1 1- 
18 that varying the token information improves the security, as well as provides at least two 
forms of authentication of the user thereby providing better security. 
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15. Regarding claim 5, Weiss teaches wherein the personal code generation means comprises 
a personal portable token (Figure 1 [blocks 12, 14], column 4, lines 27-49). 



16. With regards to claim 6, the Examiner interprets a pendant as any hanging ornament, as 
an earring or the main piece suspended from a necklace. The definition courtesy of 
Dictionary.com Unabridged (v 1.1). Random House, Inc. 23 Apr. 2007. <Dictionary.com 
http://dictionary.reference.com/browse/pendant>. The Examiner contends that it is well known 
in the art that the personal portable token is a pendant and the Applicant now admits as such. 

17. With regards to claim 7, Weiss teaches wherein the personal portable token is a card 
(column 2, lines 1 8-34). 

1 8. With regards to claim 8, Weiss teaches wherein the personal code generation means 
includes a communication port to communicate each identification code of the personal code 
generation means and each current encryption code of the personal code generation means to a 
user's computer (column 5, lines 21-37). 

19. Regarding claim 9, Weiss teaches wherein the personal code generation means comprises 
software residing on a user's computer (column 2, lines 46-56, column 4, lines 44-58, i.e. 
machine readable form). 
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20. With regards to claim 10, Weiss teaches wherein the personal code generation means 
includes a display means (column 4, lines 46-49, i.e. laptops, notebook computers, and PDA 
devices all have display means). The Applicant admits that it is well known in the art that the 
display means displaying each identification code of the personal code generation means and 
each encryption code of the personal code generation means. 

21 . With regards to claim 1 1 , Weiss teaches wherein the personal code generation means 
comprises a smart card having an initialization code known to the code server and software 
residing on a user's computer (column 2, lines 18-34), the software being capable of generating 
each identification code and each encryption code based on the initialization code and a 
reference clock (column 7, lines 49-60), the code server also being capable of generating each 
identification code and each encryption code based on the initialization code and the reference 
clock (column 5, line 60 to column 6, line 15). 

22. Claims 12, 13, 17 and 18 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Weiss in view of Weiss2, and in further view of U.S. Patent No. 6,981,141 to Mahne et al, 
hereinafter Mahne. 

23. As per claims 12 and 17, Weiss teaches a system for securely accessing data stored in an 
encrypted form on a storage means accessible by a communication network comprising: 

a personal code generation means having one or more identification codes (Figure 1 
[blocks 12, 14, 50], column 2, lines 57-64, i.e. token processor is utilized to generate a one-time, 
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non-predictable code), each identification code being arranged to change with time (column 3, 
lines 7-11, i.e. time- varying); 

a code server including each identification code and each encryption code (Figure 1 
[blocks 16, 60], column 5, lines 4-20), the code server being synchronized with the personal code 
generation means such that each identification code of the code server of the server change 
independently of and in synchronization with each identification code of the personal code 
generation means of the personal code generation means, the code server also having a previous 
archiving code being the archiving code last used to encrypt the key archive and a current 
archiving code being arranged to change with time (column 5, line 60 to column 6, line 15); 

wherein when a user wishes to access each stored data file, the user transmits across the 
communication network (column 5, lines 4-5), each identification code of the personal code 
generation means and data including a request to access the stored data files encrypted with 
each encryption code of the personal code generation means and the code server uses each 
identification code of the code server to authenticate the user and each encryption code of the 
code server to decrypt the transmitted data and the code server communicates to the user the 
previous archiving code in encrypted form using each encryption code of the code server so that 
the user may decrypt the data to provide access to the stored data files (column 2, lines 57-65, 
column 6, lines 16-28, i.e. inferring the encryption key in order to decrypt data to permit user 
access to the encrypted data; see figure 2 of U. S.P.N. 5,237,614 as incorporated by reference by 
Weiss). 

24. Weiss does not teach one or more encryption codes that arranged to vary with time and 
are synchronized with the server, a key archive associated with the personal code generation 
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means and with one or more data files on the storage means, the key archive having information 
including the location of the data files and the encryption codes with which each of the data files 
is encrypted, the key archive being encrypted with an archiving code; and decrypting the key 
archive providing access to the stored data files. 

25. Weiss2 teaches an encryption key that is a one-time code that is synchronized similarly to 
that of Weiss (column 6, lines 5-26). 

26. It would have been obvious to one of ordinary skill in the art at the time the invention 
was made to use one or more encryption codes that arranged to vary with time and are 
synchronized with the server, since Weiss2 states at column 6, lines 15-16 that the use of one- 
time codes as encryption keys enhances security. 

27. Mahne discloses a key table stored on a smart card which stores encryption keys used to 
decrypt files (column 8, lines 56-67, column 9, lines 43-50). 

28. It would have been obvious to one of ordinary skill in the art at the time the invention 
was made to include a key archive associated with the personal code generation means and with 
one or more data files on the storage means, the key archive having information including the 
location of the data files and the encryption codes with which each of the data files is encrypted, 
the key archive being encrypted with an archiving code; and decrypting the key archive 
providing access to the stored data files, since Mahne states at column 3, line 65 to column 4, 
line 2 that incorporating the key archive would provide an easy to use and inexpensive 
technology that would allow users to conveniently access encrypted documents and files. 
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29. Regarding claims 1 3 and 1 8, Mahne teaches wherein when the code server transmits to 
the user the previous archiving code, the code server also transmits the current archiving code 
and the user then uses the current archiving code to encrypt the key archive when the user has 
completed accessing the stored data files and the code server stores the current archiving code as 
the previous archiving code for future access to the store data files (column 8, lines 56-67, 
column 9, lines 43-50). 

Conclusion 

30. The prior art made of record and not relied upon is considered pertinent to applicant's 
disclosure. 

3 1 . The following patents are cited to further show the state of the art with respect to one- 
time codes, such as: 

United States Patent Application Publication No. 2004/0236819 Al to Anati et al, which 
is cited to show encryption using a one time code, for example, see paragraph 0055. 

United States Patent No. 5,988,497 to Wallace, which is cited to show authentication 
using smart cards that generate variable PIN numbers. 

32. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Christian La Forgia whose telephone number is (571) 272-3792. 
The examiner can normally be reached on Monday thru Thursday 7-5. 

33. If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz Sheikh can be reached on (571) 272-3795. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 
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34. Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 



may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would 
like assistance from a USPTO Customer Service Representative or access to the automated 
information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 
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Christian LaForgia 
P0061tent Examiner 
Art Unit 2131 




